DevSecOps Engineer III

Job Description:

DevSecOps Engineer III

(Remote Candidates will be considered)

Our Story and Our Purpose

National Digital Trust Company (In Organization) has received conditional approval from the Office of the Comptroller of the Currency to open as a federally chartered trust bank to provide a broad range of digital asset services.

We are building a specialized financial institution addressing the growing demand for digital asset services. Our primary business will focus on digital asset custody, providing secure, efficient custodial and fiduciary services for a variety of digital assets.

You will work with foundational systems and processes to help shape our operating model and influence how a new category of financial infrastructure comes to market.

We are looking for builders who handle complexity with confidence and tackle ambitious opportunities while keeping pace with this rapidly evolving industry.

Our Principles

Greatness is a mindset, not an accomplishment. Mediocrity is unacceptable. Excellence is contagious. We hire people because we believe in their greatness. Now is the time to prove us right.

Responsibility comes with the territory. Everyone is an owner, which means we share a common vision and mutual accountability. We act in line with our strategic objectives and the trust our customers place in us. We believe there is no such thing as "not my problem." Taking this level of ownership not only drives our collective success but also offers the potential for significant reward.

Innovation and adaptation are in our DNA. We are in a period of the most dramatic and rapid period of technological change in the history of humankind. Those that stay ahead will thrive, those that don't, won't. We innovate intelligently and thrive on overcoming challenges, to get (at least) a little better every day and ensure our continued growth and success.

Team first. We are reliable teammates working together toward extraordinary success through honesty and accountability. We believe collaboration knows no hierarchy, and we focus on what matters. We work toward consensus, but when necessary, we disagree and commit. We know that winners win.

Job Overview

As a DevSecOps Engineer III, you will be a key force in strengthening and scaling our secure digital asset infrastructure. You’ll design and implement automation, security controls, and cloud-native systems within our cloud environment — supporting both proprietary applications and critical third-party integrations. This role offers deep ownership across CI/CD, identity, secrets management, and security observability — with the mandate to push innovation while never compromising safety. You’ll collaborate closely with engineering, security, and compliance leaders to build infrastructure engineered for institutional confidence — and directly influence the future of digital asset security at an industry-defining company.

Objectives

Lead the hardening and modernization of our GitHub ecosystem — consolidating organizations, implementing guardrails and RBAC best practices, and establishing policy-as-code governance at scale.
Assess and evolve the current CI/CD posture — modernizing pipelines, evaluating tooling, and driving toward fully automated secure delivery workflows.
Implement Secure Software Development Framework (SSDF) practices to embed “secure-by-design” principles throughout the SDLC — ensuring supply chain integrity from commit to production.
Act as an SRE for new application infrastructure — building out observability, proactive reliability patterns, performance scaling strategy, and operational readiness.
Design, manage, and automate cloud infrastructure (including container and container orchestration where applicable) through infrastructure-as-code — aligned to NIST CSF 2.0, least-privilege, and zero-trust security models.
Develop and integrate ITSM operational workflows — introducing automation and process maturity where needed to align engineering velocity with auditable controls and resilience.
Promote a culture of security across the organization.
Be able to wear many hats, performing critically required duties as necessary, especially as the team is being developed
Occasional travel to other offices, customers, and vendor offices

What you bring to our company

5–8+ years of experience in DevSecOps, SRE, or Cloud Security Engineering roles operating in production-critical environments
Deep hands-on expertise with leading cloud providers (IAM, networking, security services, automation, zero-trust / least privilege, cost awareness)
Practical experience operating and securing Kubernetes — including IaC-driven provisioning, policy enforcement, and observability
Strong command of SCM administration — including RBAC, repo automation, organization policy enforcement, and secure SDLC controls
Proficiency with Infrastructure as Code (Terraform, CDK, or equivalent) and configuration automation (e.g., Helm, ArgoCD, Crossplane, etc. a plus)
Familiarity with ITSM-aligned engineering operations — enabling traceability, incident management, and operational readiness at scale
Excellent communicator and proactive collaborator — able to influence cross-functional teams and advocate for secure-by-design principles

Preferred Experience, Skills and Knowledge

Advanced understanding of cloud security, identity, secrets management, and automated governance — ideally aligned to frameworks like CSF 2.0, ISO, or SOC2
Previous experience in fintech, blockchain, digital assets, or other highly regulated / high-trust environments
Demonstrated experience owning and maturing CI/CD pipelines, with strong emphasis on supply-chain integrity, infrastructure automation, and SSDF-aligned delivery
Strong self-starter with strong analytical and problem-solving skills

We promote diversity of thought, culture, background, and experience. We are an equal opportunity employer, and employment at our company is based solely on one's merit and qualifications directly related to professional competence. We do not discriminate based on race, creed, color, ancestry, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, military or veteran status, or any other characteristics protected by law.

Featured benefits

Employer-provided: Medical, Dental, and Vision insurance, 401(k), and disability insurance

We are a remote-friendly team and welcome applicants from across the U.S.

Apply for this job

First name

Last name

Email address

Location

Phone number

Resume

Attach resume

Attach another file

Attach file

What are your salary requirements?

Are you authorized to work in the United States?

Will you now or in the future require sponsorship for employment visa status (e.g. H-1B status)?

What is your earliest start date?

Are you 18 years of age or older?

Do you have any professional qualifications (PMP, MCSE)?

What is the highest level of education you’ve obtained?

Were you referred to our company by a current employee?

If yes, please provide the employee's name.

Have you worked in a startup, early stage or high-growth environment before?

If yes, would you please describe the role you held and your experience.

How would you describe your leadership style?

What do you consider to be your strongest skills or qualities in the workplace?

Are you willing to undergo a background check, in accordance with local laws and regulations?

We invite you to complete the optional self-identification questions below used for compliance with government regulations and record-keeping guidelines. Any self-identification information provided will not be considered in the selection process.

GENDER

VETERAN STATUS Learn more about veteran statuses

If you believe you belong to any of the categories of protected veterans listed below, please indicate by selecting the appropriate category(ies). The hiring employer is subject to the Vietnam Era Veterans' Readjustment Assistance Act of 1974, as amended by the Jobs for Veterans Act of 2002, 38 U.S.C. 4212 (VEVRAA) and requests this information in order to measure the effectiveness of the outreach and positive recruitment efforts it undertakes pursuant to VEVRAA.

DISABILITY STATUS Learn more about disability statuses

We are required by law to provide equal employment opportunity to qualified people with disabilities. We are also required to measure our progress toward having at least 7% of our workforce be individuals with disabilities. To do this, we must ask applicants and employees if they have a disability or have ever had a disability. Because a person may become disabled at any time, we ask all of our employees to update their information at least every five years.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and not be seen by selecting officials or anyone else involved in making personnel decisions. Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past. For more information about this form or the equal employment obligations of federal contractors under Section 503 of the Rehabilitation Act, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.